0

Trying to allocate a char array of N elements.

#include <stdio.h>
#include <malloc.h>

int main()
{
     int N = 2;

     char *array = malloc(N * sizeof(char)); 

     array[0] = 'a';
     array[1] = 'b';
     array[2] = 'c';    // why can i do that??

     printf("%c", array[0]);
     printf("%c", array[1]);
     printf("%c", array[2]);  //shouldn't I get a seg fault here??

     return 0;
 }

The question is:

Since I am allocating 2 * 1 = 2 bytes of memory that means i can have 2 chars in my array. How is it possible that I have more?? I also printed sizeof(*array) and it prints 8 bytes. What am I missing here?

Improve this question
6
  • 4
    That's undefined behaviour. Be glad that your cat didn't catch fire. Commented Feb 24, 2015 at 18:33
  • 3
    C doesn't really care if you go past the end of the array (it's undefined behavior). As long as that memory exists, there is a chance that it will work, depending on your compiler, OS, and other things. However, your compiler should have given you a warning about this. Commented Feb 24, 2015 at 18:34
  • 2
    sizeof(*array) should be 1, not 8. Maybe you printed sizeof(array), which gives the size of a pointer. Commented Feb 24, 2015 at 18:34
  • Why 1 and not 2? I have space for 2 chars. Commented Feb 24, 2015 at 18:37
  • @eigenchris The variable named array is actually a pointer, not an array. Commented Feb 24, 2015 at 18:45

2 Answers 2

Reset to default
2

A segmentation fault occurs when a program tries to access a memory address which has not been mapped by the operating system into its virtual memory address space.

Memory allocation occurs in pages (usually 4k or 8k, but you can get larger pages too). So the malloc() call gets a memory page from the OS and carves off a piece of it for the array and returns a pointer to that. In this specific case, there is still a large piece of the page remaining after your array (unallocated but already available for use with subsequent calls to malloc()) - array[2] references a valid address within the page, so no segmentation fault.

However, you are accessing memory beyond the array and as mentioned in the comments, that is undefined behaviour and would probably cause memory corruption in a larger program by overwritting the value of unrelated variables.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Actually.... on most platforms (32-bit or 64-bit anyway) the exact example show would not be likely to cause corruption of anything important. Nearly all malloc implementations allocate at least enough space for a pointer. That said, it's still undefined behavior and a terrible practice.
So this works because the memory I am accessing exists but it is not "part" of the array.
@pirox22... yes that's it in a nutshell.
0

The 0th and 1th elements are inside of valid memory allocation. With the 2th element you have trespassed into unallocated memory. Will work fine, until that part of the memory gets allocated for something else, then your 2th element will start having crazy values. Your code will go nuts. But as @jon pointed out, the compiler is supposed to be catching this, unless you have asked it to shutup

Improve this answer

2 Comments

I am using gcc and it doesn't print any warnings :/
I was wrongly confident that gcc itself should catch this, but no it did not. Tried splint. It caught other issues except for this bounds checking. Strange.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.